Message224894
> Should this be categorized as a security issue?
> You could easily DoS a server with that
> (email.parser is used by http.client to parse HTTP
> headers, it seems).
I think it makes sense to treat this as a security issue.
I don't have a preference about whether to use Serhiy's email_parser_long_lines.patch or my fix_email_parse2.diff
but we should include the extra tests in test_parser.diff. |
|
Date |
User |
Action |
Args |
2014-08-06 01:25:59 | rhettinger | set | recipients:
+ rhettinger, barry, pitrou, christian.heimes, r.david.murray, tshepang, serhiy.storchaka, jader.fabiano |
2014-08-06 01:25:59 | rhettinger | set | messageid: <1407288359.48.0.741340873957.issue21448@psf.upfronthosting.co.za> |
2014-08-06 01:25:59 | rhettinger | link | issue21448 messages |
2014-08-06 01:25:58 | rhettinger | create | |
|